Python SDK

The Python language wrapper for interacting with the Bitwarden Secrets Manager. The SDK, like the Secrets Manager CLI built on-top of it, can be used to execute the following operations:

• Authenticate using an access token.
• Retrieve a single secret or all secrets in a project.
• List all secrets, secrets in a project, or projects.

Note

This SDK is a beta release. Therefore, some functionality may be missing.

This SDK is a beta release. Therefore, some functionality may be missing.

Requirements

Setting up a Secrets Manager account prior to using the Python SDK is recommended. This includes:

• Enabling the Secrets Manager CLI.
• Setting up machine accounts.
• Setting up access tokens.

Dependencies

• Python 3
• maturin
• npm

GitHub Repository

Locate the Python GitHub repository here.

Using a virtual environment

Build the script within a virtual environment:

npm run schemas # generate schemas.py

cd languages/python/
python3 -m venv .venv
maturin develop

run:

source .venv/bin/activate
python3 ./example.py

deactivate # run this to close the virtual session

Build Python SDK

The Python SDK build can be installed with two methods:

Python package manager (pip install)

Local build (advanced)

Python package manager

Install using pip:

pip install bitwarden-sdk

Local build

From the root of the repository:

npm run schemas # generate schemas.py

cd languages/python/
maturin develop

You can now import BitwardenClient in your Python code with:

from bitwarden_sdk import BitwardenClient, DeviceType, client_settings_from_dict

Run

Set the ORGANIZATION_ID and ACCESS_TOKEN environment variables to your organization ID and access token:

export ORGANIZATION_ID="<org-id>"
export ACCESS_TOKEN="<access-token>"

By default, the SDK uses endpoints for https://bitwarden.com. If you are running on a local dev server, or self-hosted or .eu, set API_URL and IDENTITY_URL:

export API_URL="<api-url>"
export IDENTITY_URL="<identity-url>"

run:

python3 ./example.py

Warning

The example.py script contains example secret and project operations. If you do not wish for the example projects and secrets operations to be created, edit or remove the example operations in ./example.py.

source .venv/bin/activate
python3 ./example.py

deactivate # run this to close the virtual session

Secrets Manager operations

Once the Bitwarden client has been created and authorized, Secrets Manager CLI commands can be passed into the client.

Projects

The project command is used to access, manipulate, and create projects. The scope of access assigned to your machine account will determine what actions can be completed with the project command.

create project

project = client.projects().create("ProjectName", organization_id)
project2 = client.projects().create("Project - Don't Delete Me!", organization_id)
updated_project = client.projects().update(
    project.data.id, "Cool New Project Name", organization_id
)
get_that_project = client.projects().get(project.data.id)

delete project

input("Press Enter to delete the project...")
client.projects().delete([project.data.id])

get projects

print(client.projects().list(organization_id))

Secrets

The secret command is used to access, manipulate and create secrets. As with all commands, secrets and projects outside your access token’s scope of access cannot be read or written-to.

create secret

secret = client.secrets().create(
    "TEST_SECRET",
    "This is a test secret",
    organization_id,
    "Secret1234!",
    [project2.data.id],
)

update secret

secret_updated = client.secrets().update(
    secret.data.id,
    "TEST_SECRET_UPDATED",
    "This as an updated test secret",
    organization_id,
    "Secret1234!_updated",
    [project2.data.id],

get secret

secret_retrieved = client.secrets().get(secret.data.id)

delete secret

input("Press Enter to delete the secret...")
client.secrets().delete([secret.data.id])

print secret

print(client.secrets().list(organization_id))